Microsoft is further tightening security with its next OS

Every new Microsoft operating system release is both a cause for celebration among IT folks and a cause for serious consternation and concern. New features tend to resolve persistent problems and make things a little easier for end-users. We already know the new Start menu is going to make workers more productive, and there will be a clearer divide between desktop and touch users (the OS will know which one you are using).

Thankfully, in terms of security, there's always a few new features to protect not only employees from would-be hackers but to protect the company from a data breach. Still, there's always a possibility that the new OS will provide new attack vectors, especially related to phishing and viruses, that are as yet unknown.

With Windows 10, it's clear Microsoft wants to bolster security without opening up any new holes. For the most part, after testing the preview build, it's clear most of the changes are related to usability and solving that Start menu issue for end-users. The tech giant is not trying to reinvent the wheel again with a dramatically new UI, which is good news for security pros.

Fewer weak points

Brenden Vaughan, a threat research manager at Webroot, says it's a big step in reducing security threats. "With the release of Windows 10, Microsoft is introducing a number of security improvements that should make the world of computing a significantly safer place. All things considered, the security improvements Microsoft is making for Windows 10 sound very promising. Much of it still relies on IT admins and end-users to use the tools at their disposal correctly, but Windows 10 should provide hackers fewer weaknesses to exploit."

In examining the features in the preview build for Windows 10 and the early Microsoft reports about features, the experts agree that the security upgrades look like a major win for those who worry about data breaches. Here are the top new enhancements to ward off hackers.

1. Multi-factor authentication

We already know that Microsoft will add new methods of authentication. IT analyst Charles King says the most important change is that the user will have a few flexible and workable options. For example, if you use a Microsoft Windows phone, you can enable a feature that requires the device to be connected over Bluetooth or Wi-Fi in order to gain access. (This feature has already been available on HP laptops for some time, but now it's baked into the OS).

King says the other options include the requirement to have a biometric device such as a fingerprint reader used as a second authentication in addition to a password. As we've already seen with enhancements to Mac and iOS devices, having a second form of authentication can radically change how easy or hard it is to break into a device. Having these features baked into the OS means it will be easier to deploy and manage them.